How To Protect Yourself From Identity Theft

Crooks call landlines to run scams (if you get a call asking for any personal information, hang up.) Thieves can rummage through your trash in search of mail with personal info (shredders are about $20, folks). But craftier criminals with WiFi don’t need to resort to those old-school methods. And hundreds of millions of us are easy marks.

When Identity Thieves Strike

For me it happened with a mysterious text from Bank of America on a Friday just before 5 p.m. Everything had been shut down. My debit card? Blocked and useless. My credit card? It’s as if I never had one; dead. And, to make matters worse, I had no cash at that moment. Not a dime. No cash stash. Even if I wanted to I couldn’t make a deposit, and obviously had no way to withdraw money. I was low on gas, needed to pick up my daughter’s prescription, and was then headed to pick up dinner. Four hours later, it was resolved. But only after I had spent three of those four hours working with the bank’s fraud team: changing codes, passwords, and security questions; having new cards issued; even changing my personal and work email account passwords and codes. I also set up a burner email account just in case—which may have been overkill, but I was paranoid. Someone had stolen me—or at least my credit card and checking and savings account information. And the charges stacked up in just a couple of hours, . Fortunately, I’m usually broke and have instituted my own self-imposed pretty low credit limit. So this is the one time I can say, I’m glad I’m poor.

So, how did it happen to you? Oh, it hasn’t? Well count yourself very lucky, because for some 15 million of the rest of us, , this kind of experience sounds eerily familiar. And though my own adventure with potential identity theft was a nuisance and stressful, it was mild—benign, even—compared to others who have had their lives turned completely upside down.

The U.S. Department of Justice (DOJ) isn’t up to date on the stats; their data is from 2014. But the 2017 Identity Fraud Study by Javelin Strategy & Research discovered that around $16 billion was stolen from more than 15.4 million Americans in 2016. An all-time high that can only get worse. [1]

Signs Your Identity Has Been Stolen

What can thieves do with your checking account or social security numbers? A lot. Steal your money, open or close accounts, even file false tax returns—for starters. This is an ugly business and you’re at risk.

The U. S. Federal Trade Commission (FTC) has issued a warning list of signs you’re the victim of identity theft. They include:

Unusual transactions like withdrawals from your bank accounts or credit or debit card purchases you never made,

Maybe while shopping your credit and debit cards are refused, or checks bounce,

Perhaps you get bills for goods and services you never ordered or purchased, or out of the blue,

You get a call from a debt collection agency for a debt you don’t owe,

Or the unimaginable; your stolen identity is used to create an ID used by criminals, which could result in cops at your door. [2]

They’ve all happened.

Need more convincing? A good resource is Consumer Reports, which has the identity theft topic covered. Mostly. (I’m saving a nugget for the end.) [3]

Act, Don’t React to Protect Your Identity

Remember the grade school prank, the paper sign saying “Kick me!” surreptitiously taped to a classmate’s backside? Maybe you never did it or had it done to you, but you know what I’m talking about. Well, there’s an adult version: unless you have locked down and away all your private, personal financial and life information from online outlaw plunderers, you’re wearing that sign—except now it says: “Rob me!”

And unless you live off the grid—with no electronics, no Internet, off somewhere in a remote cabin in the woods—chances are you have either been a victim of identity fraud or theft, know someone who has been a victim, or very likely will become one in the future. Unless you act now.

Strike back, Outsmart Online Scammers

The last thing you want to have to do is what I and others were stuck with: recovery. It’s unsettling, painstaking, annoying, and infuriating: calling the bank, closing accounts, reporting to your credit card company and credit bureau, filing police reports…and you should file a report with the FTC so they can hopefully come a step closer to nailing the thieves—you can do that here. [5]

But you don’t have to wait to be victimized to do something. Preventive measures can stop fraud and identity theft before they happen. Fifteen million last year, and you can bet the farm that number will go up for 2017. So unless you’re nonchalant about possibly ending up as a victim and a statistic, you have work to do to keep your information safe: your identity, your credit and debit cards, your bank accounts, your tax information, your social security number, even your medical records.

It’s vital to take precautions to keep your personal stuff private, starting with the obvious protection of hard copy vital documents kept locked up and dry. But more vital than ever is to avoid electronic identity theft.

(My new rule: If I don’t know you, if we have not done safe, secure business together before—be it a car insurance quote or online purchase—I am not giving my info to you and certainly not my social security number or any financial data.)

Crooks can be pretty savvy and the ruses get more sophisticated. The FTC has some smart suggestions to keep your stuff safe. [6]

Start by encrypting your data. Don’t worry about what that means, just do it. Seriously, if you are online a lot, malware won’t stop bad guys (and gals) from breaking in and making off with your personal information. PC Magazine has a good list and information on encryption apps and software that’s so easy your grade-schooler or young grandchild can probably handle it. [7]

Next, keep passwords private and safe by using a password manager tool for your devices. PC Magazine online has a tidy wrap-up of the best password managers to fit your needs and life. This is an essential, people. A manager can store all your unique passwords in one spot with one master password for access. It’s smart and easy. [8]

The FTC has a cool idea too for passwords, too. Think of a phrase, then use the first letter or number to create your password. For example: “I have twins and 1 stepdaughter!” becomes “Ihta1s!”

Another must-do security measure is to do two-step authentication for your email account or accounts. [6]

And never, ever open an email that looks even remotely unfamiliar or suspicious, and never, ever click on a link inside an email from a party you don’t know or trust. If it was a meme or gif you’ve missed, oh well.

It’s also smart to do a fraud alert, if you think you’ve been hacked, had your identity stolen, or some other suspicious or nefarious doings inside your personal life online. Again, the FTC has you covered. [9]

If Mark Zuckerberg is Worried, I Am Too

All of this may seem like overkill. But remember that figure: 15 million victims of identity fraud and theft in 2016. An old saying comes to mind: “An ounce of prevention is worth a pound of cure” (or in this case, months of recovery work). Also, don’t tell the world on Facebook that you’re catching a 10 a.m. flight for Jamaica for a week of fun and sun. Really. Don’t overshare on social media. You might as well put a sign outside your front door that says, “We’re not home. Come on in.”

And finally, a super-smart tip from my super-smart 20-year-old and the world’s fifth-richest man. My daughter has a smiley face sticker covering her laptop webcam. I found it silly and suggested she was paranoid. She sent me a link to an eye-opening article about the founder of Facebook itself. It’s full of fantastic advice, even for those of us not CEOs of a global behemoth:

“I think [it] is sensible to take these precautions,” Graham Cluley, an online security expert and consultant, wrote in an email Wednesday. “As well as intelligence agencies and conventional online criminals who might be interested in targeting [high-profile people’s] billions, there are no doubt plenty of mischievous hackers who would find it amusing to spy upon [anyone].” [10] [quote adjusted for general advice]

If Facebook founder Mark Zuckerberg is paranoid, then maybe we all should be?